Every code is breakable!!!: 2013

Tuesday, December 3, 2013

How does communication protocols exchange streams of data.?

Three Way Handshake :

TCP/IP is the communication protocols used in connecting hosts between internet. Every OS in the market comes with the inbuilt TCP stack in them. Without the kernel's TCP network ,there is no possible data exchange can happen between devices, be it mobile devices, laptops, desktops and any other network hardwares.
Among the 4 layers in the suite, the transport layer takes the responsibility of transmission,error detection,recovery,reliability and session control.

How does the data transmission really takes place?
The blocks of data are sent through the transport layer. Each segment of a message sent from the machine contains a checksum which checks if the data at the receivers's end is correct. If the data received at the destination is undamaged, then an acknowledgement will be sent to the sender machine, else the receiver discards the segment and the sender machine sends all the segments for which a positive acknowledgement has not been received.
This is the frame for a 3-Way HandShake. Three distinct segments are exchanged between the hosts for reliable TCP session to be established.

EVENT	DIAGRAM
Host A sends SYN to Host B Host B receives A's SYN Host B sends a acknowledgement SYN-ACK to Host A Host A receives B's SYN Host A sends a acknowledgement ACK to Host B Host B receives A's ACK. TCP socket connection is ESTABLISHED.	TCP Three Way Handshake (SYN,SYN-ACK,ACK)

Steps in the handshake:

Machine A sends a SYN signal to initiate the connection to the target Machine B.
( 1 Shake)
SYN - synchronize sequence number . Its just the sequence number it starts the segment with.
Machine B acknowledges the communication with the SYN-ACK signal. It responds along with sequence number it will start with. (2 Shake)
Machine A, after receiving the acknowledgement from B, checks the SYN number from B and acknowledges the initial sequence number of B. A sends the final ACK signal and starts the data transferring in segments(bits). (3 Shake)

That's why this is called a 3 way Handshake (SYN - SYN - ACK)

TCP/IP is the de-facto standard for transmitting data over internet.

Wednesday, November 13, 2013

Pakistan Hijacked Youtube - Prefix Hijack

Even a single fixed-route attack can destabilize a Network....!

Everyone remembers the time in 2008 when Pakistan Gov. put down orders to officially block YouTube broadcast in Pakistan. In response to this, Pakistan telecom blocked the YouTube telecast by the very old Prefix hijack, which resulted in YouTube being blocked.

How did this happen?

Pakistan Telecom provider tried to block YouTube in their homeland by advertising an unauthorized prefix route, to its providers. This newly defined prefix route ( 208.65.153.0/24) happens to be the more perfect destination route of the Youtube server ( 208.65.152.0/22). The upstream providers of the country relayed it to the Internet World, rerouting all of YouTube's traffic to Pakistan Telecom, thus blocking YouTube for all of its users worldwide.

Within 2 minutes from the first relay of the bad route, almost all the world providers carried the route.

Youtube alerted that the /24 prefix has been hijacked.

All the providers start dropping the erroneous route and carried out the /25 prefix thus getting Youtube back to its users.

Its times like this , the term BGP takes revival and fame. BGP - Border Gateway Protocol used in exchanging routing information within and between Autonomous systems (Google,Bank of America,Samsung,etc).

This attack states a phenomenon "Even when a router announces seriously bogus information,it will continue to announce the same bogus information for the duration of its attack".

Wednesday, November 6, 2013

ASSEMBLER - X86

Assembler --- Assembly instructions into Machine Code Instructions.

When the assembly instructions is sent into the ASM , the named 'variables' are hard-coded as memory address and ;label' variables as code address. Some parts of the prog source are always lost when assembler is used,which is inevitable.

MASM - Microsoft Assembler. (Macro Assembler)

Used by Microsoft systems for the low-part definition of the Operating systems.
Used for Intel core.
This is not portable and hence is the disadvantage with other platforms.

TASM - Turbo assembler

Developed by Borland and used in integration with Borland's software development tools.
This assembler is not free .

NASM - Netwide Assembler

Free, portable and retargetable.
Can be used both in Linux and Windows systems.
Not mature as TASM and MASM,but definitely user-friendly.

FASM - Flat Assembler

Fast Self-assembling Open-source (X86) assembler .

AT & T Syntax

AT&T syntax is different from Intel Syntax, but is used in GAS (GNU Assembler) ,mainly distributed in Unix and Unix-based Systems.
GAS is specifically designed to be used as the back-end of GCC (GNU Compiler Collection) package.
GCC always feeds it syntactically correct code,GAS often has minimal error checking.
GAS syntax can be switched to Intel syntax with the directive ":intel_syntax noprefix"
GAs is automatically installed with GCC or GNU binutils distribution package.

HLA - High Level Assemblers

An assembler with high-level syntax.
HLA acts as a front-end to other assemblers as FASM, MASM , NASM and GAS. So, the programmer must have another assembler installed to assemble programs with HLA.
HLA comes with a comprehensive standard library.
HLA syntax is very easy and closely resembles to C.

Example of a HLA code :

mov (src, dest) ;

pop(eax) ;

push(ebp) ;

for (mov (0, ecx) ; ecx < 10; inc (exc)) do

mul (ecx) ;

endfor ;

Friday, October 25, 2013

Binary Bomb!!!! BOOMMM!!!!

BINARY BOMB - A BOOM at each phase!

A "binary bomb" is a Linux executable C program that consists of six "phases." Each phase expects the user to enter a particular string on stdin. If the user enters the expected string, then that phase
is "defused." Otherwise the bomb "explodes" by printing "BOOM!!!".
The goal is to defuse as many phases as possible without defusing the bomb.

Each bomb phase tests a different aspect of machine language programs:
  Phase 1: string comparison
  Phase 2: loops
  Phase 3: conditionals/switches
  Phase 4: recursive calls and the stack discipline
  Phase 5: pointers
  Phase 6: linked lists/pointers/structs

There is also a "secret phase" that only appears if students append a certain string to the solution to Phase 4.

Each user gets a unique bomb that they must solve themselves.  The unique
solution to each bomb is available to the instructor.

Catch the source code at Binary Labs: CMU Binary Bomb

Wednesday, October 23, 2013

Disk encryption installation of ArchLinux.

ArchLinux - System Encryption with a keyfile on a external flashdrive/CD/USB:

Script for the arch-linux - full system encryption with a keyfile on a external drive.


#!/bin/bash

modprobe dm_mod

cryptsetup -c aes-xts-plain -s 512 luksFormat /dev/sda2 /mnt/USB/keyfile.jpg

cryptsetup -d /mnt/USB/keyfile.jpg luksOpen /dev/sda2 rootcrypt

mkfs -t ext4 /dev/mapper/rootcrypt

mkfs -t ext4 /dev/sda1

mkdir /mnt/boot

mount /dev/sda1 /mnt/boot

mount /dev/mapper/rootcrypt /mnt

pacstrap -i /mnt base base-devel

genfstab -p /mnt > /mnt/etc/fstab

arch-chroot /mnt

bash

cd //boot

pacman -S syslinux

nano /etc/syslinux/syslinux.cfg

//append the keyfile path//

cryptdevice=/dev/sda2:rootcrypt root=/dev/mapper/rootcrypt ro cryptkey=/dev/disk/by-label/USB:vfat:keyfile.jpg

nano /etc/mkinitcpio.conf

//add encrypt hook //

MODULES="dm_mod vfat ext4"

HOOKS=base udev block autodetect encrypt filesystems

//Save the file and exit//

syslinux-install_update -i

syslinux-install_update -a

syslinux-install_update -m

nano /etc/hostname

passwd

ln -s /usr/share/zoneinfo/America/New_York /etc/localtime

nano /etc/locale.gen

LANG="en_US.UTF-8"

//Save and exit the file//

nano /etc/locale.conf

//Uncomment the en_US.UTF-8 line//

//Save and exit the file//

exit

exit

mkinitcpio -p linux

umount /dev/sda1

reboot